For years we’ve documented how the internet of broken things industry and evangelists have contributed to a global privacy and security shitshow. The rush to connect everything from tea kettles to Barbie dolls to the internet without including even basic privacy or security standards has resulted in a massive security problem few seem interested in actually fixing. As a result we’re not only less secure and more at risk for privacy violations, but these devices are now routinely contributing to some of the most devastating DDoS attacks history has ever seen.
A year or so ago Bruce Schneier penned what was probably the best explanation of why nothing in the IOT chain of dysfunction seems to improve:
“The market can’t fix this because neither the buyer nor the seller cares. Think of all the CCTV cameras and DVRs used in the attack against Brian Krebs. The owners of those devices don’t care. Their devices were cheap to buy, they still work, and they don’t even know B